IBM i 7.5 impacts to Assure Monitoring and Reporting (AMR) users - Assure_Secure_File_Transfer_ - Assure_Elevated_Authority_Manager_(EAM) - Assure_Secure_File_Transfer_PGP - Assure_Encryption - Assure_Secure_File_Transfer - Required_for_All_Modules - Assure_Monitoring_and_Reporting_(AMR) - Assure_Security_Multi-Factor_Authentication_(MFA) - Assure_DB2_Data_Monitor_(DB2MON) - Assure_System_Access_Manager_(SAM) - Assure_Secure_File_Transfer_with_PGP - 7.0

Assure Security Release Notes

Product type
Software
Portfolio
Integrate
Product family
Assure
Product
Assure Security > Assure Elevated Authority Manager (EAM)
Assure Security > Assure Encryption
Assure Security > Assure Secure File Transfer
Assure Security > Required for All Modules
Assure Security > Assure Monitoring and Reporting (AMR)
Assure Security > Assure Security Multi-Factor Authentication (MFA)
Assure Security > Assure DB2 Data Monitor (DB2MON)
Assure Security > Assure System Access Manager (SAM)
Assure Security > Assure Secure File Transfer with PGP
Version
7.0
Language
English
Product name
Assure Security
Title
Assure Security Release Notes
Copyright
2025
First publish date
2019
Last updated
2025-01-08
Published on
2025-01-08T15:12:18.805000

In IBM i 7.5, the default value for the Authority (AUT) parameter on IBM commands Create Journal (CRTJRN) and Create Journal Receiver (CRTJRNRCV) changed from *LIBCRTAUT to *EXCLUDE. which results in the *JRN and *JRNRCV objects being created with *PUBLIC user *EXCLUDE authority.

If you use the Assure Monitoring and Reporting (AMR) feature of Assure Security, this operating system difference may affect your ability to access journal and journal receiver objects on an IBM i 7.5 system. AMR users can create journals and receivers that may reside in user libraries. User profiles that do not have the proper authority to the *JRN and *JRNRCV objects will not be able to access, view, change, or delete them. This may affect user processes and any third party processes that need to use these journal and receivers. Consider the following:
  • Assure Security operations that create new journal and receiver objects invoke the IBM commands without specifying a value for AUT. New journals and receivers created by Assure Security on an IBM i 7.5 system will have *PUBLIC user *EXCLUDE authority. Only users with *ALLOBJ authority or special authority to the journals and receivers can use them.

  • Assure Security operations that change journal receivers pass the value *GEN to the JRNRCV parameter when invoking the Change Journal (CHGJRN) command. The resulting receiver automatically has the same authorities (including *PUBLIC) as the currently attached receiver.

Action required: If you need to access journals and receivers created for Assure Monitoring and Reporting on an IBM i 7.5 system, one of the following is necessary:
  • Your user profile must be given specific authority to the *JRN and *JRNRCV objects (EDTOBJAUT command).

  • Your user profile must have *ALLOBJ authority
  • The public authority of the *JRN and *JRNRCV object must be changed (EDTOBJAUT command)